Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Disable TLS certificate validation when communicating with log 

See the source code comments for an explanation for why this is both
necessary and not insecure.
This commit is contained in:
Andrew Ayer 2017-10-18 21:34:51 -07:00
parent 1a6ed13fd6
commit 7283e51420
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ct/client/logclient.go
View File

@ -6,6 +6,7 @@ package client
import ( import (
"bytes" "bytes"
"crypto/sha256" "crypto/sha256"
"crypto/tls"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"errors" "errors"
@ -94,6 +95,16 @@ func New(uri string) *LogClient {
ResponseHeaderTimeout: 30 * time.Second, ResponseHeaderTimeout: 30 * time.Second,
MaxIdleConnsPerHost: 10, MaxIdleConnsPerHost: 10,
DisableKeepAlives: false, DisableKeepAlives: false,
TLSClientConfig: &tls.Config{
// We have to disable TLS certificate validation because because several logs
// (WoSign, StartCom, GDCA) use certificates that are not widely trusted.
// Since we verify that every response we receive from the log is signed
// by the log's CT public key (either directly, or indirectly via the Merkle Tree),
// TLS certificate validation is not actually necessary. (We don't want to ship
// our own trust store because that adds undesired complexity and would require
// updating should a log ever change to a different CA.)
InsecureSkipVerify: true,
},
} }
c.httpClient = &http.Client{Transport: transport} c.httpClient = &http.Client{Transport: transport}
return &c return &c